Skills
NYC
skills/bahayonghang/my-claude-code-settings/yt-dlp/Gen Agent Trust Hub

yt-dlp

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [Remote Code Execution] (MEDIUM): The PowerShell dependency check script recommends installing system tools by piping scripts from the internet directly into the interpreter. This pattern is often used in malicious context for initial access.
  • Evidence: Invoke-RestMethod -Uri https://get.scoop.sh | Invoke-Expression in examples/check-ffmpeg.ps1.
  • Evidence: iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1')) in examples/check-ffmpeg.ps1.
  • [Command Execution] (LOW): The core functionality relies on executing external binaries (yt-dlp, ffmpeg, jq) with arguments derived from user-provided URLs.
  • [Indirect Prompt Injection] (LOW): The skill processes untrusted metadata from external websites (such as video titles and descriptions) using yt-dlp --dump-json. This content could contain instructions targeting the AI agent.
  • Ingestion points: examples/download-scripts.sh (function show_info).
  • Boundary markers: Absent.
  • Capability inventory: Subprocess execution of shell commands.
  • Sanitization: No explicit sanitization of metadata output before processing.
  • [Privilege Escalation] (LOW): The helper scripts recommend the use of sudo for package installations on Linux/macOS, which is a standard requirement for system-wide dependency management.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:13 PM